Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Realnetworks Subscribe
Filtered by product Realplayer Sp
Total 82 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-2997 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-25 9.3 HIGH N/A
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted StreamTitle tag in an ICY SHOUTcast stream, related to the SMIL file format.
CVE-2010-4396 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-18 4.3 MEDIUM N/A
Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 allows remote attackers to inject arbitrary web script or HTML in the Local Zone by specifying a local file in a NavigateToURL action, as demonstrated by a local skin file.
CVE-2010-4395 2 Linux, Realnetworks 3 Linux Kernel, Realplayer, Realplayer Sp 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted conditional component in AAC frame data.
CVE-2010-4377 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subbands in cook audio codec information in a Real Audio file.
CVE-2010-4397 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-18 9.3 HIGH N/A
Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file.
CVE-2010-4376 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream.
CVE-2010-4391 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allows remote attackers to execute arbitrary code via a crafted value in an unspecified header field in an RMX file.
CVE-2010-4390 2 Linux, Realnetworks 3 Linux Kernel, Realplayer, Realplayer Sp 2011-01-18 9.3 HIGH N/A
Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file.
CVE-2010-4389 2 Linux, Realnetworks 3 Linux Kernel, Realplayer, Realplayer Sp 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via unspecified data in the initialization buffer.
CVE-2010-4388 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-18 4.3 MEDIUM N/A
The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allow remote attackers to inject code into the RealOneActiveXObject process, and consequently bypass intended Local Machine Zone restrictions and load arbitrary ActiveX controls, via unspecified vectors.
CVE-2010-4387 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-18 9.3 HIGH N/A
The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted audio stream in a RealMedia file.
CVE-2010-4381 2 Apple, Realnetworks 3 Mac Os X, Realplayer, Realplayer Sp 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 allows remote attackers to have an unspecified impact via a crafted AAC file.
CVE-2010-4380 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via a crafted SOUND file.
CVE-2010-4394 1 Realnetworks 2 Realplayer, Realplayer Sp 2011-01-18 9.3 HIGH N/A
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.5 allows remote web servers to execute arbitrary code via a long Server header in a response to an HTTP request that occurs during parsing of a RealPix file.
CVE-2010-2579 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-18 5.0 MEDIUM N/A
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 does not properly initialize the number of channels, which allows attackers to obtain unspecified "memory access" via unknown vectors.
CVE-2010-2999 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-18 9.3 HIGH N/A
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed MLLT atom in an AAC file.
CVE-2010-0121 3 Apple, Linux, Realnetworks 4 Mac Os X, Linux Kernel, Realplayer and 1 more 2011-01-18 10.0 HIGH N/A
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors.
CVE-2010-3750 1 Realnetworks 2 Realplayer, Realplayer Sp 2010-10-18 9.3 HIGH N/A
rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value Property (NVP) elements in logical streams in a media file.
CVE-2010-3748 1 Realnetworks 2 Realplayer, Realplayer Sp 2010-10-18 10.0 HIGH N/A
Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2010-2998 1 Realnetworks 2 Realplayer, Realplayer Sp 2010-10-18 9.3 HIGH N/A
Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 allows remote attackers to execute arbitrary code via malformed sample data in a RealMedia .IVR file, related to a "malformed IVR pointer index" issue.